Legal claims defining the scope of protection, as filed with the USPTO.
1. A system comprising: a plurality of host computers storing program instructions executable to implement: a control manager; a plurality of agents, wherein each host computer has installed thereon a respective agent of the plurality of agents, and wherein each respective agent includes a behavior control engine configured to group one or more processes of one or more applications executing on the corresponding host computer into one or more process sets according to a corresponding process binding module that includes rules that map a given process to one of the process sets, and further configured to restrict execution of the processes of each process set according to a corresponding behavior control description module; and a management infrastructure configured to manage a central storage of the corresponding behavior control description module of each of the plurality of agents, wherein the management infrastructure includes an interface configured to facilitate loading of the corresponding process binding module and the corresponding behavior control description module into the behavior control engine of each agent and an interface configured to facilitate modifications to the corresponding process binding module and the corresponding behavior control description module of each of the plurality of agents by the control manager.
2. The system as recited in claim 1 wherein the behavior control engine of each agent is loaded into an operating system kernel of the corresponding host computer.
3. The system as recited in claim 1 wherein the behavior control engine of each agent is configured to restrict execution of the processes of each process set according to instruction code included within the corresponding behavior control description module.
4. The system as recited in claim 3 wherein the instruction code is specified in XML (extensible mark-up language) code.
5. The system as recited in claim 3 wherein the behavior control engine of each agent is configured to restrict execution of the processes of each process set by monitoring execution of the processes and detecting accesses to and use of particular system resources specified by the corresponding behavior control description module.
6. The system as recited in claim 1 wherein the process binding module includes rules that map a given process to one of the process sets dynamically based on operations performed by the given process.
7. The system as recited in claim 6 wherein the process binding module includes rules that map a given process to one of the process sets based on an ancestry of the given process.
8. The system as recited in claim 6 wherein each process set is defined by attributes of a process including any one or more of: a pathname, process identity, process privileges, and process command line arguments.
9. The system as recited in claim 1 wherein the management infrastructure is further configured to manage a central storage of the corresponding process binding module of each of the plurality of agents.
10. The system as recited in claim 1 wherein the plurality of agents and the management infrastructure are configured to support multiple operating system platforms.
11. The system as recited in claim 1 wherein the control manager is configured to allow an administrator to control a configuration of each of the plurality of agents.
12. The system as recited in claim 1 wherein the program instructions are further executable to implement a profiler module configured to generate an initial behavior control description module used to create the corresponding behavior control description module of at least one of the agents.
13. A storage medium storing program instructions executable to implement: a control manager; a plurality of agents, wherein each agent is configured to be executed on a corresponding host computer of a plurality of host computers, and wherein each respective agent includes a behavior control engine configured to group one or more processes of one or more applications executing on the corresponding host computer into one or more process sets according to a corresponding process binding module that includes rules that map a given process to one of the process sets, and further configured to restrict execution of the processes of each process set according to a corresponding behavior control description module; and a management infrastructure configured to manage a central storage of the corresponding behavior control description module of each of the plurality of agents, wherein the management infrastructure includes an interface configured to facilitate loading of the corresponding process binding module and the corresponding behavior control description module into the behavior control engine of each agent and an interface configured to facilitate modifications to the corresponding process binding module and the corresponding behavior control description module of each of the plurality of agents by the control manager.
14. The storage medium as recited in claim 13 wherein the behavior control engine of each agent is configured to be loaded into an operating system kernel of the corresponding host computer.
15. The storage medium as recited in claim 13 wherein the behavior control engine of each agent is configured to restrict execution of the processes of each process set according to instruction code included within the corresponding behavior control description module.
16. The storage medium as recited in claim 15 wherein the instruction code is specified in XML (extensible mark-up language) code.
17. The storage medium as recited in claim 15 wherein the behavior control engine of each agent is configured to restrict execution of the processes of each process set by monitoring execution of the processes and detecting accesses to and use of particular system resources specified by the corresponding behavior control description module.
18. The storage medium as recited in claim 13 wherein the process binding module includes rules that map a given process to one of the process sets dynamically based on operations performed by the given process.
19. The storage medium as recited in claim 18 wherein the process binding module includes rules that map a given process to one of the process sets based on an ancestry of the given process.
20. The storage medium as recited in claim 18 wherein each process set is defined by attributes of a process including any one or more of: a pathname, process identity, process privileges, and process command line arguments.
21. The storage medium as recited in claim 13 wherein the management infrastructure is further configured to manage a central storage of the corresponding process binding module of each of the plurality of agents.
22. The storage medium as recited in claim 13 wherein the plurality of agents and the management infrastructure are configured to support multiple operating system platforms.
23. The storage medium as recited in claim 13 wherein the control manager is configured to allow an administrator to control a configuration of each of the plurality of agents.
24. The storage medium as recited in claim 13 wherein the program instructions are further executable to implement a profiler module configured to generate an initial behavior control description module used to create the corresponding behavior control description module of at least one of the agents.
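The claims describe two cooperating pieces on each host: a process binding module whose rules map a process to a process set using attributes such as pathname, process identity, privileges, command line arguments and ancestry (claims 6 to 8), and a behavior control description module, specified in XML (claim 4), that says which system resources each process set may access (claim 5). The following is an added example, written for this page and not code from the patent or any product implementing it, that models both in user space so the binding and enforcement logic can be read and run. Every name in it (ProcessInfo, BindingRule, the <policy>/<process-set>/<allow>/<deny> element names, and the sample process table and rules) is an assumption chosen for the illustration; the claims do not fix any of these, and an agent loaded into the kernel (claim 2) would hook exec, setuid and file or socket operations rather than consult a static table.

```python
"""Toy process-binding and behaviour-control engine.

Added illustration of the architecture the claims describe; not code from
the patent or any product. All identifiers and the XML schema are assumptions.
"""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Dict, List, Optional, Tuple
import xml.etree.ElementTree as ET


@dataclass(frozen=True)
class ProcessInfo:
    pid: int
    ppid: int
    path: str            # pathname of the running executable
    uid: int             # process identity / privilege level
    argv: Tuple[str, ...]  # command line arguments


@dataclass
class BindingRule:
    """One process-binding rule: every attribute that is set must match."""
    process_set: str
    path_glob: Optional[str] = None
    uid: Optional[int] = None
    argv_contains: Optional[str] = None
    ancestor_glob: Optional[str] = None  # matched against any ancestor's pathname


def ancestors(proc: ProcessInfo, table: Dict[int, ProcessInfo]) -> List[ProcessInfo]:
    """Walk the parent chain; the seen-set guards against a corrupted table with a cycle."""
    out, seen, cur = [], set(), table.get(proc.ppid)
    while cur is not None and cur.pid not in seen:
        out.append(cur)
        seen.add(cur.pid)
        cur = table.get(cur.ppid)
    return out


def bind_process(proc: ProcessInfo, table: Dict[int, ProcessInfo],
                 rules: List[BindingRule], default: str = "unclassified") -> str:
    """Map a process to a process set. First matching rule wins; no match -> default set.
    A real engine re-runs this on exec/setuid so binding tracks what the process does."""
    for r in rules:
        if r.path_glob is not None and not fnmatchcase(proc.path, r.path_glob):
            continue
        if r.uid is not None and proc.uid != r.uid:
            continue
        if r.argv_contains is not None and r.argv_contains not in proc.argv:
            continue
        if r.ancestor_glob is not None and not any(
                fnmatchcase(a.path, r.ancestor_glob) for a in ancestors(proc, table)):
            continue
        return r.process_set
    return default


def load_policy(xml_text: str) -> Dict[str, List[Tuple[str, str, str]]]:
    """Parse a behaviour control description: per process set, (allow|deny, op, resource glob)."""
    root = ET.fromstring(xml_text)
    return {ps.get("name"): [(el.tag, el.get("op"), el.get("resource")) for el in ps]
            for ps in root.findall("process-set")}


def check_access(policy, process_set: str, op: str, resource: str) -> bool:
    """Explicit deny wins, otherwise an allow must match; unknown sets and unmatched
    accesses are denied so a mis-bound process cannot escape the policy."""
    rules = policy.get(process_set)
    if rules is None:
        return False
    matched = [kind for kind, r_op, r_res in rules
               if r_op == op and fnmatchcase(resource, r_res)]
    if "deny" in matched:
        return False
    return "allow" in matched


# Constructed sample data (not taken from the patent): a web server that spawned a shell.
TABLE = {p.pid: p for p in [
    ProcessInfo(1, 0, "/sbin/init", 0, ("init",)),
    ProcessInfo(100, 1, "/usr/sbin/httpd", 33, ("httpd", "-D", "FOREGROUND")),
    ProcessInfo(200, 100, "/bin/sh", 33, ("sh", "-c", "id")),
    ProcessInfo(300, 1, "/usr/sbin/sshd", 0, ("sshd", "-D")),
]}
RULES = [
    BindingRule("web-server", path_glob="/usr/sbin/httpd"),
    BindingRule("web-child", ancestor_glob="/usr/sbin/httpd"),   # descendants of httpd
    BindingRule("root-daemon", uid=0, path_glob="/usr/sbin/*"),
]
POLICY = load_policy("""
<policy>
  <process-set name="web-server">
    <allow op="read" resource="/var/www/*"/>
    <allow op="connect" resource="tcp:*:443"/>
    <deny op="write" resource="/etc/*"/>
  </process-set>
  <process-set name="web-child">
    <allow op="read" resource="/var/www/*"/>
  </process-set>
</policy>""")


def evaluate(pid: int, op: str, resource: str) -> Tuple[str, bool]:
    """Bind the process, then decide the access; returns (process set, allowed)."""
    pset = bind_process(TABLE[pid], TABLE, RULES)
    return pset, check_access(POLICY, pset, op, resource)


if __name__ == "__main__":
    for pid, op, res in [(100, "read", "/var/www/index.html"), (200, "write", "/var/www/x.php"),
                         (300, "read", "/etc/shadow"), (1, "read", "/etc/passwd")]:
        print(pid, op, res, "->", evaluate(pid, op, res))
```

Two design points worth noting. Binding by ancestry is what lets the shell spawned by httpd inherit a tighter set than an interactively launched /bin/sh would, which is the property that makes process sets useful against post-exploitation activity. Default deny for unknown sets and unmatched resources is a deliberate choice; an engine that falls back to allow turns every gap in the binding rules into a bypass.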
February 2, 2010